A data processing system may include hardware resources, such as a central processing unit (CPU), random access memory (RAM), read-only memory (ROM), etc. The processing system may also include software resources, such as a basic input/output system (BIOS), a virtual machine monitor (VMM), and one or more operating systems (OSs). When the computer system is started or reset, it may load the BIOS, and then the VMM. The VMM may include a root OS, or it may run on top of a root OS. A root OS may also be referred to as a host OS. The VMM may create one or more virtual machines (VMs), and the VMs may boot to different guest OSs or to different instances of the same guest OS. The VMM may thus allow multiple OSs and applications to run in independent partitions.
The CPU in such a data processing system may provide hardware support (e.g., instructions and data structures) for virtualization. Additional details about virtualization may be found in reference manuals such as the following:
INTEL® Virtualization Technology Specification for the IA-32 INTEL® Architecture, dated April 2005 (hereinafter “the VT-x Specification”); and
IA-32 INTEL® Architecture Software Developer's Manual, Volume 2B: Instruction Set Reference, N-Z, dated June 2006.
Other manufacturers may produce processors with different features for supporting virtualization. A processing system may also include features referred to as LaGrande Technology (LT), as developed by Intel Corporation. The LT features may provide for the protected measurement and launching of a VMM. Additional details concerning LT are provided in the publication entitled “The Intel Safer Computing Initiative: Building Blocks for Trusted Computing,” which is currently available at intel.com/intelpress/validation100/secc/SECC_100Validation.pdf. For purposes of this disclosure, LaGrande Technology may also be referred to as INTEL® Trusted Execution Technology (TXT). Additional details concerning INTEL® TXT are provided in the publication entitled “INTEL® Trusted Execution Technology: Preliminary Architecture Specification” and dated November 2006 (the “INTEL® TXT Specification”). The INTEL® TXT Specification is currently available from intel.com/technology/security/downloads/315168.htm.
In addition to RAM and one or more CPUs, a processing system may include a security coprocessor, such as a trusted platform module (TPM). A TPM is a hardware component that resides within a processing system and provides various facilities and services for enhancing the security of the processing system. For example, a TPM may be implemented as an integrated circuit (IC) or semiconductor chip, and it may be used to protect data and to attest to the measured configuration of a platform. A TPM may be implemented in accordance with specifications such as the Trusted Computing Group (TCG) TPM Specification Version 1.2, dated Oct. 2, 2003 (hereinafter the “TPM specification”), which includes parts such as Design Principles, Structures of the TPM, and TPM Commands. The TPM specification is published by the TCG and is available from the Internet at trustedcomputinggroup.org/home.
In general, a TCG-compliant TPM provides security services such as attesting to the identity and/or integrity of the platform, based on characteristics of the platform. For instance, trusted computing technologies may provide facilities for measuring, recording, and reporting the software configuration of a platform. Specifically, the measurements are typically load-time measurements: a hash of each software component is computed as the component is loaded, the hash is accumulated (“extended”) into a platform configuration register (PCR) of the TPM, and the TPM can later report the PCR values to a verifier. Unfortunately, load-time measurements do not always accurately reflect the runtime configuration of the system, because changes made to the software after it has been measured, whether caused by system bugs or by malicious attacks, are not recorded in the PCRs.
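The load-time measurement chain described above, as an added example that is not part of the original disclosure or of any TCG or Intel code: a Python simulation of a TPM 1.2-style SHA-1 PCR that is extended with the measurement of each component in load order, a verifier-side replay of the event log, and a check showing that a later in-memory modification leaves the PCR (and therefore any report of it) unchanged even though the running software no longer matches what was measured. The component names and images are constructed sample data, and the function names are this example's own.

```python
import hashlib

# Added example (not from the original page): simulates a TPM 1.2-style PCR
# (160-bit SHA-1) and the TCG "extend" operation to show why load-time
# measurements can diverge from the runtime state of the platform.

PCR_SIZE = 20  # TPM 1.2 PCRs hold a 20-byte SHA-1 digest

# Constructed sample images standing in for real firmware and VMM binaries.
BIOS_IMAGE = b"BIOS v1.0 (constructed sample image)"
VMM_IMAGE = b"VMM v2.3 (constructed sample image)"
COMPONENTS = [("BIOS", BIOS_IMAGE), ("VMM", VMM_IMAGE)]


def measure(image: bytes) -> bytes:
    """Load-time measurement: SHA-1 digest of the image exactly as loaded."""
    return hashlib.sha1(image).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TCG extend: PCR_new = SHA-1(PCR_old || measurement).

    The register can only be extended, never set, so the final value
    depends on every measurement and on the order they were recorded."""
    assert len(pcr) == PCR_SIZE and len(measurement) == PCR_SIZE
    return hashlib.sha1(pcr + measurement).digest()


def boot(components):
    """Measure each component in load order, extend the PCR, and append an
    entry to the event log. Returns (final_pcr, log) with log entries of
    the form (component_name, measurement)."""
    pcr = bytes(PCR_SIZE)  # PCRs are reset to all zeros at platform reset
    log = []
    for name, image in components:
        m = measure(image)
        pcr = extend(pcr, m)
        log.append((name, m))
    return pcr, log


def replay(log):
    """Verifier side: recompute the expected PCR from the event log so it can
    be compared with the value the TPM reports."""
    pcr = bytes(PCR_SIZE)
    for _, m in log:
        pcr = extend(pcr, m)
    return pcr


def runtime_state_matches_log(loaded_images, log):
    """Re-hash the images currently in memory and compare each with the
    measurement that was logged for it at load time."""
    return all(measure(img) == m for img, (_, m) in zip(loaded_images, log))


def demo():
    """Returns (report_still_verifies, runtime_consistent) after a simulated
    in-memory modification of the VMM that nobody re-measured."""
    pcr, log = boot(COMPONENTS)
    assert replay(log) == pcr  # at load time, log and PCR agree

    # Later, a bug or an attacker flips a byte of the VMM in memory.
    patched_vmm = bytearray(VMM_IMAGE)
    patched_vmm[0] ^= 0xFF
    in_memory = [BIOS_IMAGE, bytes(patched_vmm)]

    # The PCR was never extended again, so the reported value still replays.
    report_still_verifies = replay(log) == pcr
    # But the software actually running no longer matches the measurements.
    runtime_consistent = runtime_state_matches_log(in_memory, log)
    return report_still_verifies, runtime_consistent


if __name__ == "__main__":
    final_pcr, event_log = boot(COMPONENTS)
    print("PCR after boot:", final_pcr.hex())
    for name, m in event_log:
        print(f"  measured {name}: {m.hex()}")
    verifies, consistent = demo()
    print("report replays from log after runtime patch:", verifies)
    print("runtime images match logged measurements:", consistent)
```

Running the block prints a PCR that replays from the event log both before and after the simulated patch, while the image-level check fails afterwards. That is exactly the gap the paragraph above describes: the report is a faithful record of what was loaded, not of what is running. Reversing the load order of the two components yields a different PCR, which is why the log must be replayed in recorded order.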